Closed sherlock-admin closed 11 months ago
4 comment(s) were left on this issue during the judging contest.
panprog commented:
invalid because admin is trusted
n33k commented:
invalid, ai generated groundless report
darkart commented:
The same as 14
polarzero commented:
Invalid. It is unclear what this issue describes. The protocol parameters seem to allow values above 100% (see ProtocolParameter.sol in the same folder), and validates them internally before storing them (see `validate` in ProtocolParameter.sol).
0xVinylDavyl
high
Unpredictable behavior from no range checks for wrapped UFixed6 values: if a UFixed6 value representing a percentage exceeds 100%, it leads to incorrect calculations, fees, or other critical parameters
Summary
The code lacks range checks for `UFixed6` values extracted from the bit fields. This vulnerability can lead to values exceeding their intended ranges, potentially causing unpredictable behavior and vulnerabilities in the protocol.
Vulnerability Detail
In the code provided, there is a missing range-check mechanism for `UFixed6` values that are extracted from the bit fields. These `UFixed6` values represent fixed-point numbers with a specified number of decimal places. It is essential to ensure that these extracted values do not exceed their intended ranges to maintain the protocol's stability and integrity.
Impact
Values that exceed their intended ranges can have various adverse effects on the protocol. For example, if a `UFixed6` value representing a percentage exceeds 100%, it may lead to incorrect calculations, fees, or other critical parameters. This can result in unexpected behavior and vulnerabilities within the protocol.
Code Snippet
Code snippet from the `validate` function where range checks should be applied to ensure that the extracted `UFixed6` values remain within their intended ranges:
https://github.com/sherlock-audit/2023-09-perennial/blob/main/perennial-v2/packages/perennial/contracts/types/RiskParameter.sol#L142
https://github.com/sherlock-audit/2023-09-perennial/blob/main/perennial-v2/packages/perennial/contracts/types/RiskParameter.sol#L144
https://github.com/sherlock-audit/2023-09-perennial/blob/main/perennial-v2/packages/perennial/contracts/types/RiskParameter.sol#L149
https://github.com/sherlock-audit/2023-09-perennial/blob/main/perennial-v2/packages/perennial/contracts/types/RiskParameter.sol#L156
Tool used
Manual Review
Recommendation
Implement range checks for `UFixed6` values extracted from the bit fields to ensure they stay within their intended ranges. Here is an example of a recommended mitigation step:
In the recommended mitigation step, we ensure that each `UFixed6` value is checked against its intended range (in this case, not greater than 100%). If any value exceeds the range, the contract reverts with an error to prevent incorrect data from being processed. Repeat this pattern for all relevant `UFixed6` values in the code.
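The pattern the report recommends, as an added illustration that is not perennial-v2 code: bit fields are unpacked, wrapped into a fixed-point type and then bounded per parameter, since a 24-bit field can encode far more than 1e6 (100%) and the bit width alone enforces nothing. The `UFixed6` type, the packed layout, the field names and the caps are all assumed here; the per-parameter cap generalizes the report's "not greater than 100%" rule to parameters that a protocol may legitimately allow above 100%, as the judging comments note.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Assumed stand-in for the real UFixed6 (6-decimal unsigned fixed point) type
// from the @equilibria/root library; only wrap/unwrap are used here.
type UFixed6 is uint256;

uint256 constant ONE = 1e6; // 100% expressed with 6 decimals

/// @dev Emitted on revert when an unpacked parameter lies outside its allowed range.
error ParameterOutOfRange(string name, uint256 value, uint256 max);

library RangedParameterLib {
    // Hypothetical packed layout: three 24-bit fields side by side.
    // 2**24 - 1 = 16_777_215, i.e. up to ~1677%, so unpacking alone is no bound.
    uint256 private constant MASK24 = (1 << 24) - 1;

    struct Unpacked {
        UFixed6 maintenance;     // fraction of notional, capped at 100% (assumed)
        UFixed6 takerFee;        // fee rate, capped at 100% (assumed)
        UFixed6 utilizationRate; // example of a value allowed above 100% (assumed)
    }

    /// @dev Unpack the bit fields, then bound each value against its own maximum.
    function validate(uint256 packed) internal pure returns (Unpacked memory p) {
        p.maintenance = UFixed6.wrap(packed & MASK24);
        p.takerFee = UFixed6.wrap((packed >> 24) & MASK24);
        p.utilizationRate = UFixed6.wrap((packed >> 48) & MASK24);

        _checkMax("maintenance", p.maintenance, ONE);
        _checkMax("takerFee", p.takerFee, ONE);
        _checkMax("utilizationRate", p.utilizationRate, 3 * ONE); // per-parameter cap, assumed
    }

    /// @dev Revert with the offending field, value and bound rather than storing bad data.
    function _checkMax(string memory name, UFixed6 value, uint256 max) private pure {
        uint256 raw = UFixed6.unwrap(value);
        if (raw > max) revert ParameterOutOfRange(name, raw, max);
    }
}
```

Calling `validate` on the packed word before it is written to storage is what turns an out-of-range field into a revert with a diagnosable error instead of a silently accepted parameter.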